Cisco IOS SIP Packet Remote DoS (Bug ID CSCdz39284, CSCdz41124)

high Nessus Network Monitor Plugin ID 2251

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

It is possible to make the remote IOS crash by sending malformed SIP packets. These vulnerabilities are documented as CISCO bug id CSCdz39284 and CSCdz41124.

Solution

http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml

Plugin Details

Severity: High

ID: 2251

Family: SNMP

Published: 9/3/2004

Updated: 3/6/2019

Nessus ID: 11380

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Reference Information

CVE: CVE-2003-1108, CVE-2003-1109, CVE-2003-1110, CVE-2003-1111, CVE-2003-1112, CVE-2003-1113, CVE-2003-1114, CVE-2003-1115

BID: 6904